Adobe Reader PDF 9.3.4 “Cooltype Sing” Zero Day Exploit

Yeah, I know, another Adobe exploit. And this one came out a few weeks ago. What is crazy though, is that Adobe has known about it for a couple weeks and has not released a patch for it yet. According to Security Focus, Adobe is not even planning on patching this until next month!

Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com. The vendor plans to release updates to address this and other issues during the week of October 4, 2010.

Just wanted to give everyone a heads up on this. This exploit is readily available and I have tested it against a fully patched Windows 7 machine with the latest Adobe Reader version and it worked flawlessly. If you run an infected PDF, it WILL give the attacker a FULL ACCESS remote shell to your computer.

The only clue you will get that something is not right is that Adobe will open the file and then just sit there. I have heard some Anti-Virus companies are starting to block this, but not all of them.

So, what can we do? Well, until Adobe decides to patch it, do not click on any unknown or unexpected PDF links in e-mails, and do not open a PDF file on a website that you are not familiar with. I am stunned that in essence, if they do not patch it until October, this exploit will have been left unpatched for a whole month!